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CREATE AND STORE GROUP LIST(S) AND RESOURCE 
DEFINITIONS IN A DATA STORE 
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CREATE AND STORE INFORMATION DEFINING A USER OF A 
NETWORK COMPUTER AS A MEMBER OF A GROUP 
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CREATE AND STORE ONE OR MORE ACCESS CONTROLS 
REFERRING TO GROUPS AND RESOURCES, USING 
RESTRICTIVE POLICY 
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PERFORM NETWORK ADDRESS BINDING RESOLUTION TO BIND 
EACH USER TO A SPECIFIC NETWORK ADDRESS 
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SEND EACH NETWORK ADDRESS TO EACH POLICY ENFORCEMENT 
POINT IN ASSOCIATION WITH GROUP IDENTIFIER OF THE GROUP OF 
THE USER WHO IS BOUND TO THE NETWORK ADDRESS 
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UPDATE GROUP MEMBERSHIP AT 
POLICY ENFORCEMENT POINT 



Fig. 3 
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ENFORCE POLICY BASED ON ACCESS CONTROLS 
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DETERMINE THAT USER HAS D\i 

COMF 
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3CONTINUED USE OF NETWORK 
•UTER 
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SEND EACH NETWORK ADDRESS TO EACH POLICY ENFORCEMENT 
POINT WITH INSTRUCTION TO REMOVE FROM THE GROUP OF THE 
USER WHO IS BOUND TO THE NETWORK ADDRESS 



Fig. 4A 
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DEFINE SECURITY ZONE THAT INCLUDES A SWITCH, ONE OR 
MORE POLICY ENFORCEMENT POINTS, AND A DHCP SERVER 
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USER BOOTS MACHINE ON A PORT OF THE SWITCH 
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RECEIVE NETWORK ADDRESS FROM DHCP SERVER 
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INITIATE AUTHENTICATION MECHANISM; PROMPT 
USER WITH CHALLENGE 
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USER SUCCESSFULLY RESPONDS TO CHALLENGE, E.G., 
WITH AUTHENTICATED USERNAME AND PASSWORD 



Fig. 4B 
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PERFORM NETWORK ADDRESS BINDING RESOLUTION 



414 

ASSOCIATE USER WITH A GROUP 
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DISTRIBUTE NETWORK ADDRES 
POLICY ENFORCEMENT POIT 


5S AND GROUP BINDING TO ALL 
sTTS OF THE SECURITY ZONE 
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ADD USER NETWORK ADDRESS TO GROUP ACCESS CONTROL 
LISTS TO WHICH THE USER BELONGS 
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